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Terminal Disclaimer 

The terminal disclaimer filed on 5/24/201 0 disclaiming the terminal portion of any patent 
granted on this application which would extend beyond the expiration date of Patents 6,792,534; 
7,231,663; 7,243,366 and 7,421,083 has been reviewed and is accepted. The terminal 
disclaimer has been recorded. 

Allowable Subject Matter 

Amended Claims 1 , 3, 5 - 1 5 and 1 7 - 20 are allowed and renumbered as 1 - 1 7. 

Any comments considered necessary by applicant must be submitted no later than the 
payment of the issue fee and, to avoid processing delays, should preferably accompany the 
issue fee. Such submissions should be clearly labeled "Comments on Statement of Reasons 
for Allowance." 

EXAMINER'S AMENDMENT 

An examiner's amendment to the record appears below. Should the changes and/or 
additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 
1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the 
payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview with 
Stewart M. Wiener (Registration Number 46,201) on July 12, 2010. 
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In the claim: 

1. (Amended) A communication authorization method, comprising: 

a third party server receiving a request for access information to access content; 

generating the access information and session rights to access the desired content from 
a first application server; 

generating authentication of the access information and session rights using a first 
service ticket to the first application server, wherein the first service ticket is obtained from a key 
distribution center (KDC), wherein the KDC is a separate entity from the first application server; 
and 

sending the access information, session rights and authentication to a client, whereby 
the client presents the access information, session rights and authentication to the first 
application server to be authorized to receive the desired content from the first application 
server; 

the method further comprising: 

the first application server receiving a key request including the access information and 
authentication: 

extracting the access information and authentication; 

verifying the authentication of the access information using the first service ticket, and 
client authorization; and 

issuing a key reply if the authentication of the access information and client authorization 
are verified . 

2. (Canceled) 

3. (Previously presented) The method as claimed in claim 1, further comprising: 
encrypting at least a portion of the session rights using a third party server session key 

for the first application server. 



4. (Canceled) 
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5. (Previously presented) The method as claimed in claim 1, further comprising: 
requesting a ticket granting ticket (TGT ticket); 

receiving a TGT ticket; 

requesting the first party server service ticket for the first application server; and 
receiving the first party server service ticket for the first application server. 

6. (Amended) The method as claimed in claim 1, further comprising: 

th e f i rst app li cat i on s e rv e r r e c ei v i ng a key r e qu e st i nc l ud i ng th e acc e ss i nformat i on and 
auth e nt i cat i on; 

e xtract i ng th e aGG e ss i nformat i on and auth e nticat i on; 

v e r i fy i ng th e auth e nt i cat i on of th e access informat i on us i ng th e f i rst s e rv i c e t i ck e t, and 
c lie nt author i zat i on; 

i ssu i ng a k e y r e p l y i f th e auth e nt i cat i on of th e acc e ss i nformat i on and c lie nt author i zat i on 
ar e v e r i f ie d; 

the KDC receiving a second service ticket request from a client for the first application 

server; 

issuing a second service ticket for the first application server; and 
the step of the first application server receiving a key request from a client wherein the 
key request includes the second service ticket. 

7. (Previously presented) The method as claimed in claim 6, further comprising: 
a client generating a key request including the access information and the 

authentication; 

sending the key request to the first application server; and 

receiving the key reply (KEY_REP) if the authentication of the access information and 
client authorization are verified by the first application server. 

8. (Currently amended) A method for verifying authorization for a client to gain 
access to content and/or services, comprising: 

receiving a key request from a client; 

extracting third party server access information, session rights and third party server 
authentication from the key request; 
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verifying an authentication of the third party access information, session rights and a 
client authorization; 

issuing a key reply directly to the client if the authentication of the third party access 
information, session rights and the client authorization are verified; 

th e KDC receiving , in a key distribution center (KDC), wherein the KDC is a separate 
entity from an application server, a second service ticket request from a client for the application 
server; 

issuing a second service ticket for the application server; and 

the step of the application server receiving a key request from a client wherein the key 
request includes the second service ticket. 

9. (Previously presented) The method as claimed in claim 8, further comprising: 
authenticating the third party server access information using the third party server 

authentication. 

10. (Previously presented) The method as claimed in claim 9, wherein the 
authenticating includes extracting a first service ticket and authenticating the third party server 
access information using the first service ticket. 

1 1 . (Previously presented) The method as claimed in claim 8, wherein the extracting 
the third party server authentication, further comprising the steps of extracting a session key 
from the first party ticket included in the key request; and the step of authenticating the access 
information includes verifying a third party server signature using the session key. 

12. (Previously presented) The method as claimed in claim 11, wherein the 
extracting the session key includes decrypting at least a portion of the first party ticket included 
in the key request using the first application server service key and extracting the session key. 

13. (Previously presented) The method as claimed in claim 5, further comprising: 
the third party server receiving a request for the access information to access content; 
generating the third party server access information to access the desired content from a 

first application server; and 
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generating the third party server authentication of the access information. 

14. (Previously presented) The method as claimed in claim 13, wherein the 
generating the third party server authentication includes incorporating a first party server service 
ticket for the first application server. 

15. (Previously presented) The method as claimed in claim 14, wherein the 
generating the authentication includes generating a signature utilizing a session key of the first 
party server service ticket. 

16. (Canceled) 

17. (Currently amended) A method for providing secure communication when 
distributing services, comprising: 

a third party server receiving a selection for services; 
issuing access information and session rights for the services; 
issuing authentication of the access information and the session rights; 
an application server receiving a key request from a client , the key request including the 
access information and authentication ; 

extracting the access information and authentication; 

verifying an authentication of the access information, session rights and a client 
authorization utilizing, at least in part, a first service ticket; and 

issuing a key reply directly to a client if the authentication of the access information, 
session rights and the client authorization are verified. 

18. (Previously presented) The method as claimed in claim 17, further comprising: 
a KDC receiving a first service ticket request from a third party server for the first 

application server; 

the KDC issuing the first service ticket to the third party server for the first application 
server; and 

the steps of the third party server issuing access information and authentication 
including generating the access information and authentication using the first service ticket. 
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19. (Previously presented) The method as claimed in claim 17, further comprising: 
the KDC receiving a second service ticket request from a client for the first application 

server; 

issuing a second service ticket for the first application server; and 
the step of the application server receiving a key request from a client wherein the key 
request includes the second service ticket. 

20. (Previously presented) The method as claimed in claim 17, wherein: the verifying 
the authentication of the access information includes: 

extracting the first service ticket; 

decrypting the first service ticket; 

extracting a session key from the first service ticket; 

generating a signature using the session key; and 

verifying the signature over the access information with the session key. 

Any inquiry concerning this communication or earlier communications from the examiner 
should be directed to PRAM I LA PARTHASARATHY whose telephone number is (571)272- 
3866. The examiner can normally be reached on 8:00a.m. to 5:00p.m.. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nasser Moazzami can be reached on 571-272-4195. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private 
PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you 
would like assistance from a USPTO Customer Service Representative or access to the 
automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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